Optimized interface between two network elements operating under an authentication, authorization and accounting protocol

ABSTRACT

According to several embodiments of the present invention, a single session according to an authentication, authorization and accounting protocol, with a network element carrying out a policy and charging rule function is created, wherein the specific session may be used to manage and/or report policy and/or charging control rules.

FIELD OF THE INVENTION

The present invention relates to an apparatus, method and computerprogram product for reducing signaling in an interface between twonetwork elements operating under an authentication, authorization andaccounting protocol, for example in a Gx interface.

RELATED BACKGROUND ART

The following meanings for the abbreviations used in this specificationapply:

-   3GPP: 3rd generation partnership project-   AAA: Authentication, Authorization, Accounting-   AF: Application Function-   AN: Access network-   AVP: Attribute Value Pair-   CCR: Credit Control Request-   CCA: Credit Control Answer-   DDS: Dedicated Diameter Session for IP-CAN bearer/session-   GGSN: Gateway GPRS Support Node-   GTP: GPRS Tunnelling Protocol-   Gx: Name of interface between PCEF and PCRF-   HSS: Home Subscriber Server-   IMS: IP multimedia subsystem-   IP: Internet Protocol-   IP-CAN: Internet Protocol Connectivity Access Network-   LTE: Long Term Evolution-   MME: Mobility Management Entity-   QCI: QoS Class Identifier-   QoS: Quality of Service-   PCC: Policy and Charging Control-   PCEF: Policy and Charging Enforcement Function-   PCRF: Policy and Charging Rule Function-   PDN: Packet Domain Network-   P-GW: PDN Gateway-   RAR: Re-Authorization Request-   RAA: Re-Authorization Answer-   RAT: Radio Access Technology-   SGSN: Serving GPRS Support Node-   S-GW: Serving Gateway-   SIP: Session Initiation Protocol

Examples of the present invention are related to the Gx interface, whichis part of the 3GPP/LTE PCC (policy and charging control) architecture,as shown in FIG. 8 (corresponding to FIG. 5.1.1 from 3GPP 23.203).

In particular, reference number 1 denotes a subscription profilerepository (SPR) in which subscription profiles are stored. Referencenumber 2 denotes an application function (AF). Reference number 3denotes a policy and charging rules function (PCRF). The PCRF is afunctional element that encompasses policy control decision and flowbased on charging control functionalities. Reference number 4 denotes abearer binding and event reporting function (BBERF). The BBERF is afunctional element located in the serving gateway (S-GW) and providescontrol over the user plane traffic handling and other functionalities,such as bearer handling etc. Reference number 5 denotes an onlinecharging system (OCS), which also comprises a service data flow basedcredit control 51. Furthermore, reference number 6 denotes a gateway, inwhich a policy and charging enforcement function (PCEF) 61 is provided.The PCEF encompasses policy enforcement and flow based chargingfunctionalities. In particular, it provides control over the user planetraffic handling at the gateway and provides service data flow detectionaccounting as well as online and offline charging interactions.Reference number 7 denotes an offline charging system (OFCS).

Between the elements described above, several reference points aredefined. Between the SPR and the PCRF the Sp reference point is defined,via which the PCRF my obtain information such as subscriber and servicerelated data. Between the AF 2 and the PCRF, the Rx reference point isdefined, via which the PCRF my obtain information such as session, mediaand subscriber related information. Between the PCRF and the BBERF, theGxx reference point is defined, via which the PCRF may obtain bearerrelated data. Between the PCRF and PCEF the Gx reference point isdefined, via which the PCRF may obtain information regarding IP-CANbearer attributes, request type, subscriber related information and thelike from the PCEF. Between the service data flow based credit control51 of the OCS 5 and the PCEF, the Gy reference point is defined, andbetween the PCRF and the OFCS, the reference point Gz is defined.

Embodiments of the present invention aim to improve the performance ofGx interface by reducing the amount of signalling performed in the Gxinterface. Gx interface is based on Diameter Gx application protocol,which is fairly heavy protocol.

In an example PCRF product, one cluster could handle 4000 messages persecond and it could be able to handle 600000 concurrent sessions. Anexample gateway could have 5 million concurrent sessions. This meansthat at least 9 PCRF products are required to have 5 million concurrentsessions of single gateway. In past, operators have not been willing toinvest lots of money to PCC. On the other hand, most operators are stillinterested in PCC architecture and they would most likely buy Gxinterface provided there is a vendor who can provide cost efficient yetfully functional Gx interface.

In prior art, there are already some solutions, which can be used toreduce the amount of signalling in Gx interface and thus reduce the costof the Gx interface.

For example, it is possible to locally define policies in the gateway.It is also possible to define the detailed policy rules in the gatewayand refer to those policy rules in the Gx interface using ruleidentifiers such as rule base identifiers. This solution reduces theamount of parameters exchanged over the Gx interface, but it does notreduce the amount of signalling itself. Even if there are locallydefined policy rules in the gateway, gateway still needs to request forPCC rules when IP-CAN bearer is established. Thus, this optimizationdoes not actually reduce the amount of signalling or number of theconcurrent Gx sessions, so it is not possible to reduce the number ofPCRF nodes in the PCC infrastructure.

PCRF may provision event triggers to PCEF. As specified in 3GPP 29.212,section 4.5.3, an event trigger may be used to determine which IP-CANsession modification or specific event causes the PCEF to re-request PCCrules. Although event trigger reporting from PCEF to PCRF can apply foran IP CAN session or bearer depending on the particular event,provisioning of event triggers will be done at session level.

It is possible to disable all event triggers and thus prevent allsignalling related to IP-CAN modifications. If PCRF does not get anyinformation about the IP-CAN bearer modifications, it cannot update PCCrules based on modification to IP-CAN bearer. For some modifications,this may not be an issue, if PCC rules define how policy should bechanged when e.g. roaming status or RAT changes. On the other hand,disabling all event triggers would also seriously limit the PCRFcapability to control the QoS, because PCRF cannot authorize QoSmodifications and it would not know what the currently applied QoS isfor IP-CAN bearers. Thus, it is not feasible to disable all the eventtriggers. Furthermore, this solution does not reduce the amount ofconcurrent Gx sessions, because Gx sessions still have to be maintaineduntil the IP-CAN bearer is terminated.

SUMMARY OF THE INVENTION

Hence, it is an object of the present invention to overcome theshortcomings of the prior art.

According to several embodiments of the present invention, a singlesession according to an authentication, authorization and accountingprotocol, with a network element carrying out a policy and charging rulefunction is created, wherein the specific session may be used to manageand/or report policy and/or charging control rules.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other objects, features, details and advantages will becomemore fully apparent from the following detailed description ofembodiments which is to be taken in conjunction with the appendeddrawings, in which:

FIG. 1 shows a structure of several network elements according to anembodiment of the present invention;

FIG. 2 shows a signaling flow of a comparative example which illustratesproviding of PCC rules upon creating IP-CAN bearers according to theprior art;

FIG. 3 shows a signaling flow according to an embodiment of theinvention which illustrates signaling flow upon creating of IP-CANbearers;

FIG. 4 shows a signaling flow of a comparative example which illustratesproviding of PCC rules upon creating and updating of an IP-CAN beareraccording to the prior art;

FIG. 5 shows a signaling flow according to an embodiment of theinvention which illustrates signaling flow upon creating and updating ofIP-CAN bearer;

FIG. 6 shows a signaling flow according to an embodiment of theinvention illustrating an unsolicited PUSH procedure in which specialPCC rules are provided for an IP-CAN session or bearer;

FIG. 7 shows a signaling flow according to an embodiment of theinvention illustrating an unsolicited PUSH procedure by which a newdedicated Diameter session (DDS) is created based on the PUSH procedure;and

FIG. 8 shows the PCC architecture in 3GPP/SAE.

DETAILED DESCRIPTION OF EMBODIMENTS

In the following, description will be made to several embodiments of thepresent invention. It is to be understood, however, that the descriptionis given by way of example only, and that the described embodiments areby no means to be understood as limiting the present invention thereto.

FIG. 1 shows structures of the network elements as used in theembodiments described in the following.

Reference number 11 denotes a policy and charging enforcement function(PCEF) as an example for an apparatus according to the embodiments. ThePCEF 11 comprises a controller 111 which might perform the overallcontrol of the PCEF, may create Diameter sessions (as an example forauthentication, authorization and accounting protocol sessions) and thelike. Furthermore, the PCEF comprises a sender/receiver 112, by whichmessages can be received or sent. The sender/receiver may be a physicalinterface, a connector or the like. It may also be provided as separatereceiver and sender.

Reference number 12 denotes a policy and charging rule function (PCRF)as an example for another apparatus according to the embodiments. ThePCRF 12 comprises a controller 121 which might perform the overallcontrol of the PCRF, may handle policy decisions for Diameter sessions(as an example for authentication, authorization and accounting protocolsessions) and the like. Furthermore, the PCRF comprises asender/receiver 122, by which messages can be received or sent. Thesender/receiver may be a physical interface, a connector or the like. Itmay also be provided as separate receiver and sender.

Furthermore, reference number 13 denotes an authentication,authorization and accounting (AAA) server comprising a storage 131, inwhich data related to applications are stored. Reference number 14denotes a home subscriber server (HSS) 14 comprising a storage 141, inwhich subscriber and service related data are stored.

In the following, several features according to embodiments of theinvention are described, which are carried out in the elements shown inFIG. 1.

-   -   Defining a new PCEF level Gx application session in Diameter (in        the following, denoted as PCEF session), which is used to manage        and report policy and charging (PCC) rules over single PCEF-PCRF        Diameter connection.    -   Using this new PCEF session to provision default PCC rules from        PCRF for all sessions managed in PCEF.    -   Using AAA server in AAA interface to define whether Gx        application session in Diameter needs to be created for a new        IP-CAN session (in the following, denoted as dedicated Diameter        session for IP-CAN bearer/session, DDS)    -   Applying default PCC rules for those IP-CAN sessions, for which        no DDS was initiated based on the AAA, and not invoking any Gx        signaling related to those IP-CAN sessions.    -   Defining in HSS whether DDS is required for a certain        subscriber. When a new IP-CAN session is created, the        information is passed from HSS as part of activation procedure.    -   Using PCEF session for provisioning PCC trigger rules as part of        default PCC rules from PCRF to PCEF. Those rules define the        cases when DDS needs to be created for a new IP-CAN session even        if AAA server has not requested it.    -   Using unsolicited PUSH procedure over PCEF session to push        special PCC rules or initiate DDS creation in those cases where        default PCC rules are not sufficient for the IP-CAN session and        PCEF has no other way of knowing that special PCC rules or DDS        needs to be applied for the IP-CAN session.

The PCEF session according to the above-described embodiment of theinvention is defined as a special Gx application session, where thetarget for the PCC rules is not a single IP-CAN session, but the targetis the whole PCEF. Same CCR-CCA (credit control request-credit controlanswer) and RAR-RAA (re-authorization request-re-authorization answer)message pairs would be used to provision and manage the PCEF session.The PCEF session does not contain those attribute-value pairs (AVPs),which are used in DDS to pass information about single IP-CAN session orbearer. The AVPs, which contain the PCC rules in the PCEF session wouldbe used as default PCC rules for all those IP-CAN sessions or bearers,for which there is no DDS. Thus, the implementation according to theabove-described embodiment does not require changes to Gx application ofDiameter, which would not be backward compatible or require introductionof new Diameter commands. All changes can be done by having two kinds ofsessions, which can be identified based on the AVPs included in theDiameter messages.

After Diameter connection is established between Diameter peers (PCEFand PCRF), PCEF will create the PCEF session using a CCR message. TheAVPs in the CCR message indicate that PCEF is creating a PCEF sessionand not a DDS. The first CCA message received from PCRF as response toCCR message will then define the default PCC rules for all sessionsmanaged by PCEF based on the PCRF policy decisions. PCEF session will beterminated if the related Diameter connection is closed between PCEF andPCRF, which can be done implicitly without any actual signalling.

Backward compatibility can be achieved, because prior art PCEF will notstart creating the PCEF session. If PCEF supports the invention and PCRFdoes not support it, PCEF will try to create PCEF session but PCRF willnot comprehend the CCR message, which is visible in the status code inthe CCA message given in the response message. If PCEF receives errorvalue in CCA message, it will then know that PCRF does not support theinvention and PCEF will continue working using prior art Gx procedures.

When PCEF session is active, by default no DDS is created when a newIP-CAN session is created. New DDS is created only if

-   -   Local rules in PCEF define the event conditions when a new DDS        is required. Following event conditions can be defined:        -   DDS is created if dedicated IP-CAN bearer is requested        -   DDS is created if a certain Traffic Class is requested (e.g.            Traffic Class requiring real-time quality of service (QoS))        -   DDS is created if a certain quality of service class            identifier (QCI) is requested        -   DDS is created in roaming condition        -   DDS is created if there is active traffic in the related            IP-CAN bearer.        -   DDS is created when there is traffic matching a certain            flow, i.e. subscriber is accessing a certain service over            IP-CAN bearer, where default PCC rules are not sufficient.    -   PCRF can define additional rules in addition to the local rules        in PCEF for determining when DDS needs to be created. There can        be different sets of locally configured rules in PCEF for        different PCRF instances, and PCRF can indicate the required set        of rules when it provisions the default PCC rules as the PCEF        session is created.    -   AAA server indicates that DDS is needed. This can be implemented        by defining a new attribute in AAA interface, which indicates        when the DDS is needed. This attribute is returned when        authentication response is received from AAA server. This        approach can be used only for those IP-CAN sessions, where        authentication from AAA server is required. No new signalling is        required if this approach is used, so there is no negative        effect on the performance.    -   HSS indicates whether DDS is required for a certain subscriber.        This information is passed from the HSS via e.g. a mobility        management entity (MME) or a serving GPRS support node (SGSN) to        a serving gateway (S-GW) or a gateway GPRS support node (GGSN)        using a new IE in the related GPRS tunnelling protocol (GTP)        requests. Again, this approach requires no new signalling, so        there is no negative effect on performance.

If DDS is created based on some event condition, the DDS is deleted whenthe event condition no longer applies. This also means that DDS may becreated and deleted multiple times during the IP-CAN bearer lifetime. Ifevent condition is to create DDS only when there is active traffic, thenalways-on functionality is defined for Gx interface, which means thatDDSs are not maintained for idle IP-CAN bearers.

DDS will be always deleted if related IP-CAN bearer is deleted if DDShas not been deleted before.

As a comparative example, FIG. 2 shows a simplified message sequencediagram related to the prior art implementation. The diagram usesgeneralized message names between the access network (AN) (whichrepresents e.g. MME or SGSN) and PCEF (which represents e.g. S-GW, P-GWor GGSN), and between PCEF and PCRF.

In message 2-1, a Diameter connection between the PCEF and the PCRF iscreated. Then, in message 2-2 from the access network to the PCEF it isindicated that a first IP-CAN bearer A is created. In response to this,the PCEF requests PCC rules for A from the PCRF in message 2-3, and thePCRF answers with the corresponding PCC rules in message 2-4. In message2-5 from the access network to the PCEF it is indicated that a secondIP-CAN bearer B is created. In response to this, the PCEF requests PCCrules for B from the PCRF in message 2-6, and the PCRF answers with thecorresponding PCC rules in message 2-7.

FIG. 3 shows a signalling diagram according to an embodiment of thepresent invention. In particular, this diagram illustrates how thesituation changes if the embodiment is applied and neither IP-CANbearers requires usage of DDS.

In message 3-1, a Diameter connection between the PCEF and the PCRF iscreated. In message 3-2, the PCEF requests default PCC rules for thePCEF session described above from the PCRF, and in message 3-3, the PCRFanswers with the default PCC rules. Then, in message 3-4 from the accessnetwork (AN) to the PCEF it is indicated that a first IP-CAN bearer A iscreated. In message 3-5, a second IP-CAN bearer B is created. Since inboth cases, i.e., for IP-CAN bearers A and B, no dedicated Diametersession (DDS) has to be created, it is not necessary to request for thePCC rules individually, since the default PCC rules apply.

Thus, FIG. 3 in comparison to FIG. 2 clearly illustrates how thesignalling is dramatically reduced when most or all IP-CAN bearers canbe managed using the default PCC rules.

As a further comparative example, FIG. 4 shows a signalling diagram, inwhich it is illustrated how IP-CAN bearer updates can trigger requestsfor PCC rule updates in the prior art implementation.

In message 4-1 from the access network to the PCEF, it is indicated thatan IP-CAN bearer is created. In response to this, the PCEF requests PCCrules for this IP-CAN bearer from the PCRF in message 4-2, and the PCRFanswers with the corresponding PCC rules in message 4-3. Then, it isassumed that the IP-CAN bearer is updated, which is indicated to thePCEF in message 4-4. In this case, the PCEF has to request for an updateto the PCC rules by message 4-5, and the PCRF answers with thecorresponding PCC rules in message 4-6. Then, it is assumed that afurther update of the IP-CAN bearer is effected, which is indicated bymessage 4-7. Then, the PCEF has to request for an update to the PCCrules again by message 4-8, and the PCRF answers with the PCC rules inmessage 4-9. Thereafter, the IP CAN bearer is deleted, which isindicated by message 4-10 to the PCEF. In response to this, the PCEFsends message 4-11 to the PCRF, in which it is indicated that the PCCrules in connection with this IP-CAN bearer are released.

Thus, even though PCRF can define that only a certain updates to IP-CANbearer trigger PCC rule update request, the prior art implementationanyway will require that Diameter session is maintained for the IP-CANbearer until the IP-CAN bearer is released.

FIG. 5 shows a signalling diagram according to an embodiment of thepresent invention, wherein DDS is created when IP-CAN bearer is created.That is, with message 5-1 from the access network to the PCEF, it isindicated that an IP-CAN bearer is created. As mentioned above, in thisexample it is assumed that a DDS is necessary. Hence, with message 5-2,the PCEF requests PCC rules for this IP-CAN bearer from the PCRF, andthe PCRF answers with the PCC rules in message 5-3.

After the update to IP-CAN bearer, as indicated by message 5-4, theevent condition requiring DDS is no longer true and DDS is released.Thus, the PCEF sends a corresponding message 5-5 to the PCRF, by whichthe PCC rules for this IP-CAN bearer are released. No further Gxsignalling is then performed related to the IP-CAN bearer, which againreduces the amount of signalling. Namely, as an example, in message 5-6a further update to the IP-CAN bearer is indicated, and in message 5-7it is indicated that the IP-CAN bearer is deleted. No signalling betweenthe PCEF and the PCRF in connection with these events is necessary.

In the following, it is described how a PUSH procedure can be usedaccording to embodiments of the invention to provide an unsolicitedrequest for creating DDS for IP-CAN session. This does not reduce thesignalling in Gx interface itself, but it is useful to guarantee thatPCRF can control any IP-CAN session if there is a need for it even ifDDS is not created when the IP-CAN session is created. This proceduremay be used e.g. in situation where AF detects that some special PCCrules need to be applied for IP-CAN session, such as the case where AFis SIP server and a dedicated IP-CAN bearer needs to be created with acertain guaranteed bit rate. AF can then inform PCRF that it needs toprovide special PCC rules to PCEF. PCRF will then use unsolicited PUSHprocedure over PCEF session. This procedure can be implemented e.g.using RAR message and AVPs, which identify the related IP-CAN session.If there is no need to create DDS, i.e. PCRF simply gives some specialPCC rules for a certain IP-CAN session and PCRF has no need to know moreabout the IP-CAN session or provide any other PCC rules in the future,then special PCC rules can be passed in the same RAR message. If DDSneeds to be created, then RAR message identifies the IP-CAN session, andPCEF will then request the PCC rules for the IP-CAN session. FIGS. 6 and7 illustrate these two different scenarios.

In particular, FIG. 6 shows an unsolicited PUSH where special PCC rulesare provided for some active IP-CAN session or bearer.

By message 6-1, the application function (AF) indicates to the PCRF thatspecial PCC rules are required. This, by message 6-2, the PCRF sends anunsolicited PUSH including the special PCC rules for the IP-CAN beareror session to the PCEF. Hence, the PCEF has the PCC rules available.

FIG. 7 shows an unsolicited PUSH where a new DDS is created based on thePUSH procedure. By message 7-1, the application function (AF) indicatesto the PCRF that a DDS should be created. In message 7-2, the PCRF sendsan unsolicited PUSH to the PCEF, in which it is indicated that a DDS hasto be created for the IP-CAN bearer or session. By message 7-3, the PCEFcreates the DDS and requests the PCC rules for this case, and in message7-4, the PCRF sends the PCC rules to the PCEF.

As described above and illustrated in the signalling diagrams, it shouldbe clear that an advantage of embodiments of the present invention isthe reduced signalling in Gx interface, which provides cost savings foroperators. Less PCRF nodes are required in the network, because therewill be less active Diameter sessions. This reduces the networkcomplexity and maintenance costs. The benefits are based on the factthat for most IP-CAN bearers, there is no need to have DDS, because thedefault PCC rules should be sufficient in most cases. Even if DDS isrequired every time when there is traffic, the DDS can be enabled onlyif there is active traffic and thus the idle sessions will not requireDDS and in many cases most of the IP-CAN bearers are idle.

As an example, if 10% of the IP-CAN bearers require special PCC rulesand PCEF supports 5 million IP-CAN bearers, the above describedembodiments reduce the number of Gx application sessions to 500001(500000 DDS sessions and 1 PCEF session). That is, with respect to theexample described in the introductory part of the present specification,according to which an example gateway can have 5 million concurrentsessions, so that according to the prior art, at least 9 PCRF productsare required to have 5 million concurrent sessions of single gateway,according to embodiments of the present invention, only one PCRF pereach PCEF is required.

The embodiments described above are not limited to the Diameterprotocol. It can be applied to any other suitable protocol, inparticular any authentication, authorization and accounting protocol.

Moreover, the embodiments may also be applied to other network elementsthan PCEF and PCRF, and are also not limited to the Gx interface. Thatis, the embodiments may be applied to any network elements in whichpolicy and/or charging rules or the like are managed or handled.

In the following, several embodiments of the invention are described ingeneric terms by referring to several aspects thereof.

According to a first aspect of several embodiments of the invention, anapparatus is provided which comprises a controller configured to createa single session according to an authentication, authorization andaccounting protocol with a network element carrying out a policy andcharging rule function. The specific session may be used to manageand/or report policy and/or charging control rules.

The first aspect may be modified as follows:

The apparatus may further comprise a receiver for receiving defaultpolicy and charging control rules from network element carrying out apolicy and/or charging rule function by using the single session.

The controller may be configured to check whether a dedicated sessionaccording to an authentication, authorization and accounting protocol isto be created, and to apply the default policy and/or charging controlrules only for a session which is not a dedicated session.

Moreover, the controller may be configured to perform the check byreferring to information of a specific network control element.

The specific network control element may be configured to storesubscriber information in which it is specified whether a dedicatedsession is to be created for a subscriber.

The information may be received during an activation procedure of anaccess network session.

The specific network control element may be a home subscriber server(e.g., HSS), and the access network session may be an internet protocolconnectivity access network (e.g., IP-CAN) session.

The specific network control element may be configured to storeapplication information in which it is specified whether a dedicatedsession is to be created based on the application.

This specific network control element may be an authentication,authorization and accounting (e.g., AAA) server.

The specific network control element may also be the network elementcarrying out a policy and/or charging rule function, wherein informationwhether a dedicated session is to be created for a session may beincluded in the default policy and/or charging control rules.

Moreover, the controller may be configured to receive an unsolicitedpush procedure via the specific session in order to receive specialpolicy and/or charging control rules and/or to initiate a dedicatedsession.

According to a second aspect of embodiments of the invention, anapparatus is provided which comprises a controller configured to receivea single session according to an authentication, authorization andaccounting protocol with a network element carrying out a policy andcharging enforcement function, wherein the specific session is used tomanage and/or report policy and/or charging control rules.

The second aspect may be modified as follows:

The apparatus may further comprise a sender configured to send defaultpolicy and/or charging control rules to the network element carrying outa policy and charging rule function with the single session.

The sender may be configured to send information whether a dedicatedsession is to be created for a session to the network element carryingout a policy and/or charging rule function.

Furthermore, the sender may be configured to send the information withthe default policy and/or charging control rules.

The sender may be configured to send an unsolicited push procedure tothe network element carrying out a policy and/or charging rule functionin order to receive special policy and charging control rules and/or toinitiate a dedicated session.

According to a third aspect of several embodiments of the invention, anapparatus is provided which comprises a storage in which applicationrelated data are stored, wherein the application related data comprisesinformation whether a dedicated session according to an authentication,authorization and accounting protocol is to be created.

The above apparatus may be an authentication, authorization andaccounting server (e.g., AAA).

According to a fourth aspect of several embodiments of the invention, anapparatus is provided which comprises a storage in which subscriberrelated data are stored, wherein the subscriber related data comprisesinformation whether a dedicated session according to an authentication,authorization and accounting protocol is to be created.

The above apparatus may further comprise a sender configured to send theinformation during an activation procedure of an access network session.Moreover, the apparatus may be a home subscriber server (e.g., HSS).

According to a fifth aspect of several embodiments of the invention, anapparatus is provided which comprises means for creating a singlesession according to an authentication, authorization and accountingprotocol with a network element carrying out a policy and charging rulefunction, wherein the specific session may be used to manage and/orreport policy and/or charging control rules.

The fifth aspect may be modified as follows:

The apparatus may further comprise means for receiving default policyand charging control rules from network element carrying out a policyand/or charging rule function by using the single session.

The apparatus may further comprise means for checking whether adedicated session according to an authentication, authorization andaccounting protocol is to be created, and means for applying the defaultpolicy and/or charging control rules only for a session which is not adedicated session.

Moreover, the apparatus may comprise means for performing the check byreferring to information of a specific network control element.

Furthermore, the specific network control element may comprise means forstoring subscriber information in which it is specified whether adedicated session is to be created for a subscriber.

The information may be received during an activation procedure of anaccess network session.

Moreover, the specific network control element may be a home subscriberserver (e.g., HSS), and the access network session may be an internetprotocol connectivity access network (e.g., IP-CAN) session.

The specific network control element may comprise means for storingapplication information in which it is specified whether a dedicatedsession is to be created based on the application.

This specific network control element may be an authentication,authorization and accounting (e.g., AAA) server.

The specific network control element may also be the network elementcarrying out a policy and/or charging rule function, wherein informationwhether a dedicated session is to be created for a session may beincluded in the default policy and/or charging control rules.

Moreover, the apparatus may comprise means for receiving an unsolicitedpush procedure via the specific session in order to receive specialpolicy and/or charging control rules and/or to initiate a dedicatedsession.

According to a sixth aspect of embodiments of the invention, anapparatus is provided which comprises means for receiving a singlesession according to an authentication, authorization and accountingprotocol with a network element carrying out a policy and chargingenforcement function, wherein the specific session is used to manageand/or report policy and/or charging control rules.

The sixth aspect may be modified as follows:

The apparatus may further comprise means for sending default policyand/or charging control rules to the network element carrying out apolicy and charging rule function with the single session.

The apparatus may comprise means for sending information whether adedicated session is to be created for a session to the network elementcarrying out a policy and/or charging rule function.

Furthermore, the apparatus many comprise means for sending theinformation with the default policy and/or charging control rules.

The apparatus may comprise means for sending an unsolicited pushprocedure to the network element carrying out a policy and/or chargingrule function in order to receive special policy and charging controlrules and/or to initiate a dedicated session.

According to a seventh aspect of several embodiments of the invention,an apparatus is provided which comprises means for storing applicationrelated data, wherein the application related data comprises informationwhether a dedicated session according to an authentication,authorization and accounting protocol is to be created.

The above apparatus may be an authentication, authorization andaccounting server (e.g., AAA).

According to an eight aspect of several embodiments of the invention, anapparatus is provided which comprises means for storing subscriberrelated data, wherein the subscriber related data comprises informationwhether a dedicated session according to an authentication,authorization and accounting protocol is to be created.

The above apparatus may further comprise means for sending theinformation during an activation procedure of an access network session.Moreover, the apparatus may be a home subscriber server (e.g., HSS).

According to a ninth aspect of several embodiments of the invention, amethod is provided which comprises creating a single session accordingto an authentication, authorization and accounting protocol with anetwork element carrying out a policy and charging rule function,wherein the specific session is used to manage and/or report policyand/or charging control rules.

The ninth aspect may be modified as follows:

The method may further comprise receiving default policy and chargingcontrol rules from network element carrying out a policy and/or chargingrule function by using the single session.

The method may further comprise checking whether a dedicated sessionaccording to an authentication, authorization and accounting protocol isto be created, and applying the default policy and/or charging controlrules only for a session which is not a dedicated session.

The check may be performed by referring to information of a specificnetwork control element.

In the specific network control element, subscriber information may bestored in which it is specified whether a dedicated session is to becreated for a subscriber.

The method may further comprise receiving the information during anactivation procedure of an access network session.

The specific network control element may be a home subscriber server,and the access network session may be an internet protocol connectivityaccess network session.

In the specific network control element, application information may bestored in which it is specified whether a dedicated session is to becreated based on the application.

The specific network control element described above may be anauthentication, authorization and accounting server.

The specific network control element may also be the network elementcarrying out a policy and/or charging rule function, wherein informationwhether a dedicated session is to be created for a session is includedin the default policy and/or charging control rules.

The method may further comprise receiving an unsolicited push procedurevia the specific session in order to receive special policy and/orcharging control rules and/or to initiate a dedicated session.

According to a tenth aspect of several embodiments of the invention, amethod is provided which comprises receiving a single session accordingto an authentication, authorization and accounting protocol from anetwork element carrying out a policy and charging enforcement function,wherein the specific session is used to manage and/or report policyand/or charging control rules.

The tenth aspect may be modified as follows:

The method may further comprise sending default policy and/or chargingcontrol rules to the network element carrying out a policy and chargingrule function with the single session.

The method may further comprise sending information whether a dedicatedsession is to be created for a session to the network element carryingout a policy and/or charging rule function.

The method may further comprise sending the information described abovewith the default policy and/or charging control rules.

The method may further comprise sending an unsolicited push procedure tothe network element carrying out a policy and/or charging rule functionin order to receive special policy and charging control rules and/or toinitiate a dedicated session.

According to an eleventh aspect of several embodiments of the invention,the method may further comprise storing application related data,wherein the application related data comprises information whether adedicated session according to an authentication, authorization andaccounting protocol is to be created.

This method may be carried out by an authentication, authorization andaccounting server.

According to a twelfth aspect of several embodiments of the invention, amethod is provided which comprises storing subscriber related data,wherein the subscriber related data comprises information whether adedicated session according to an authentication, authorization andaccounting protocol is to be created.

This method may further comprise sending the information during anactivation procedure of an access network session.

The method may be carried out by a home subscriber server.

According to a thirteenth aspect of several embodiments of theinvention, a method is provided which comprises creating, in a networknode, a single session according to an authentication, authorization andaccounting protocol with a network element carrying out a policy andcharging rule function, wherein the specific session is used to manageand/or report policy and/or charging control rules.

The thirteenth aspect may be modified as follows:

The method may further comprise receiving, by the network node, defaultpolicy and charging control rules from network element carrying out apolicy and/or charging rule function by using the single session.

The method may further comprise checking, in the network node, whether adedicated session according to an authentication, authorization andaccounting protocol is to be created, and applying the default policyand/or charging control rules only for a session which is not adedicated session.

The check may be performed by referring to information of a specificnetwork control element.

In the specific network control element, subscriber information may bestored in which it is specified whether a dedicated session is to becreated for a subscriber.

The method may further comprise receiving, by the network node, theinformation during an activation procedure of an access network session.

The specific network control element may be a home subscriber server,and the access network session may be an internet protocol connectivityaccess network session.

In the specific network control element, application information may bestored in which it is specified whether a dedicated session is to becreated based on the application.

The specific network control element described above may be anauthentication, authorization and accounting server.

The specific network control element may also be the network elementcarrying out a policy and/or charging rule function, wherein informationwhether a dedicated session is to be created for a session is includedin the default policy and/or charging control rules.

The method may further comprise receiving, by the network node, anunsolicited push procedure via the specific session in order to receivespecial policy and/or charging control rules and/or to initiate adedicated session.

The network node described above may be a network element carrying out apolicy and/or charging enforcement function.

According to a fourteenth aspect of several embodiments of theinvention, a method is provided which comprises receiving, by a networknode, a single session according to an authentication, authorization andaccounting protocol from a network element carrying out a policy andcharging enforcement function, wherein the specific session is used tomanage and/or report policy and/or charging control rules.

The fourteenth aspect may be modified as follows:

The method may further comprise sending, by the network node, defaultpolicy and/or charging control rules to the network element carrying outa policy and/or charging rule function with the single session.

The method may further comprise sending, by the network node,information whether a dedicated session is to be created for a sessionto the network element carrying out a policy and/or charging rulefunction.

The method may further comprise sending, by the network node, theinformation described above with the default policy and/or chargingcontrol rules.

The method may further comprise sending, by the network node, anunsolicited push procedure to the network element carrying out a policyand/or charging rule function in order to receive special policy andcharging control rules and/or to initiate a dedicated session.

The method described above may be carried out by a network elementcarrying out a policy and/or charging enforcement function.

According to a fifteenth aspect of several embodiments of the invention,the method may further comprise storing application related data in anetwork control element, wherein the application related data comprisesinformation whether a dedicated session according to an authentication,authorization and accounting protocol is to be created.

The network control element may be an authentication, authorization andaccounting server.

According to a sixteenth aspect of several embodiments of the invention,a method is provided which comprises storing subscriber related data ina network control element, wherein the subscriber related data comprisesinformation whether a dedicated session according to an authentication,authorization and accounting protocol is to be created.

This method may further comprise sending the information during anactivation procedure of an access network session.

The network control element described above may be a home subscriberserver.

According to a seventeenth aspect, a computer program product may beprovided, which comprises code means for performing a method as definedin any of the above ninth to sixteenth aspect and its modifications whenrun on a processing means or module.

For the purpose of the present invention as described herein above, itshould be noted that

-   -   method steps likely to be implemented as software code portions        and being run using a processor at a network element or terminal        (as examples of devices, apparatuses and/or modules thereof, or        as examples of entities including apparatuses and/or modules        therefore), are software code independent and can be specified        using any known or future developed programming language as long        as the functionality defined by the method steps is preserved;    -   generally, any method step is suitable to be implemented as        software or by hardware without changing the idea of the        invention in terms of the functionality implemented;    -   method steps and/or devices, units or means likely to be        implemented as hardware components at the above-defined        apparatuses, or any module(s) thereof, (e.g., devices carrying        out the functions of PCRF, PCEF etc. as described above) are        hardware independent and can be implemented using any known or        future developed hardware technology or any hybrids of these,        such as MOS (Metal Oxide Semiconductor), CMOS (Complementary        MOS), BiMOS (Bipolar MOS), BiCMOS (Bipolar CMOS), ECL (Emitter        Coupled Logic), TTL (Transistor-Transistor Logic), etc., using        for example ASIC (Application Specific IC (Integrated Circuit))        components, FPGA (Field-programmable Gate Arrays) components,        CPLD (Complex Programmable Logic Device) components or DSP        (Digital Signal Processor) components;    -   devices, units or means (e.g. the above-defined apparatuses, or        any one of their respective means) can be implemented as        individual devices, units or means, but this does not exclude        that they are implemented in a distributed fashion throughout        the system, as long as the functionality of the device, unit or        means is preserved;    -   an apparatus may be represented by a semiconductor chip, a        chipset, or a (hardware) module comprising such chip or chipset;        this, however, does not exclude the possibility that a        functionality of an apparatus or module, instead of being        hardware implemented, be implemented as software in a (software)        module such as a computer program or a computer program product        comprising executable software code portions for execution/being        run on a processor;    -   a device may be regarded as an apparatus or as an assembly of        more than one apparatus, whether functionally in cooperation        with each other or functionally independently of each other but        in a same device housing, for example.

What is described above is what is presently considered to be preferredembodiments of the present invention. However, as is apparent to theskilled reader, these are provided for illustrative purposes only andare in no way intended that the present invention is restricted thereto.Rather, it is the intention that all variations and modifications beincluded which fall within the spirit and scope of the appended claims.

The invention claimed is:
 1. An apparatus comprising: at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured, with the at least one processor, to cause the apparatus at least to: create a single session according to an authentication, authorization and accounting protocol with a network element carrying out a policy and/or charging rule function, wherein a specific session is used to manage and/or report policy and/or charging control rules; request default policy and/or charging control rules from the network element; receive default policy and/or charging control rules from the network element carrying out the policy and/or charging rule function by using the single session; receive a message from an access network relating to the creation of an internet-protocol-connectivity-access-network bearer; determine whether the creation of the internet-protocol-connectivity-access-network bearer creates a dedicated session; and apply the received default policy and/or charging control rules only if the creation of the internet-protocol-connectivity-access network is determined to not create a dedicated session.
 2. The apparatus according to claim 1, wherein the apparatus is further caused to perform the determining by referring to information of a specific network control element.
 3. The apparatus according to claim 2, wherein the specific network control element is configured to store subscriber information in which it is specified whether a dedicated session is to be created for a subscriber.
 4. The apparatus according to claim 3, wherein the information is received during an activation procedure of an access network session.
 5. The apparatus according to claim 3, wherein the specific network control element is a home subscriber server, and the access network session is an internet protocol connectivity access network session.
 6. The apparatus according to claim 2, wherein the specific network control element is configured to store application information in which it is specified whether a dedicated session is to be created based on the application.
 7. The apparatus according to claim 6, wherein the specific network control element is an authentication, authorization and accounting server.
 8. The apparatus according to claim 2, wherein the specific network control element is the network element carrying out a policy and/or charging rule function, wherein information whether a dedicated session is to be created for a session is included in the default policy and/or charging control rules.
 9. The apparatus according to claim 1, wherein the apparatus is further caused to receive an unsolicited push procedure via the specific session in order to receive special policy and/or charging control rules and/or to initiate a dedicated session.
 10. An apparatus comprising: at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured, with the at least one processor, to cause the apparatus at least to: receive a single session according to an authentication, authorization and accounting protocol with a network element carrying out a policy and charging enforcement function, wherein a specific session is used to manage and/or report policy and/or charging control rules; receive a request for default policy and/or charging control rules from the network element; send default policy and/or charging control rules to the network element carrying out the policy and charging enforcement function with the single session, wherein the network element determines whether a creation of an internet-protocol-connectivity-access network bearer creates a dedicated session; and transmit policy and/or charging control rules, different from the default policy and/or charging control rules, only if the network element determines that the creation of the internet-protocol-connectivity-access network bearer creates a dedicated session.
 11. The apparatus according to claim 10, wherein the sending comprises sending information whether a dedicated session is to be created for a session to the network element carrying out the policy and charging enforcement function.
 12. The apparatus according to claim 11, wherein the sending comprises sending the information with the default policy and/or charging control rules.
 13. The apparatus according to claim 10, wherein the sending comprises sending an unsolicited push procedure to the network element carrying out the policy and charging enforcement function in order to receive special policy and charging control rules and/or to initiate a dedicated session.
 14. A method comprising: creating a single session according to an authentication, authorization and accounting protocol with a network element carrying out a policy and/or charging rule function, wherein a specific session is used to manage and/or report policy and/or charging control rules; requesting default policy and/or charging control rules from the network element; receiving default policy and/or charging control rules from the network element carrying out the policy and/or charging rule function by using the single session; receiving a message from an access network relating to the creation of an internet-protocol-connectivity-access-network bearer; determining whether the creation of the internet-protocol-connectivity-access-network bearer creates a dedicated session; and applying the received default policy and/or charging control rules only if the creation of the internet-protocol-connectivity-access network is determined to not create a dedicated session.
 15. The method according to claim 14, wherein the determining is performed by referring to information of a specific network control element.
 16. The method according to claim 15, wherein in the specific network control element subscriber information is stored in which it is specified whether a dedicated session is to be created for a subscriber.
 17. The method according to claim 16, comprising receiving the information during an activation procedure of an access network session.
 18. The method according to claim 17, wherein the specific network control element is a home subscriber server, and the access network session is an internet protocol connectivity access network session.
 19. The method according to claim 15, wherein in the specific network control element application information is stored in which it is specified whether a dedicated session is to be created based on the application.
 20. The method according to claim 19, wherein the specific network control element is an authentication, authorization and accounting server.
 21. The method according to claim 15, wherein the specific network control element is the network element carrying out a policy and/or charging rule function, wherein information whether a dedicated session is to be created for a session is included in the default policy and/or charging control rules.
 22. The method according to claim 14, further comprising receiving an unsolicited push procedure via the specific session in order to receive special policy and/or charging control rules and/or to initiate a dedicated session.
 23. A computer program product comprising code, stored on a non-transitory computer-readable medium, for performing a method according to claim 14 when run on a computer processor.
 24. A method comprising: receiving a single session according to an authentication, authorization and accounting protocol from a network element carrying out a policy and charging enforcement function, wherein a specific session is used to manage and/or report policy and/or charging control rules; receiving a request for default policy and/or charging control rules from the network element; sending default policy and/or charging control rules to the network element carrying out the policy and charging enforcement function with the single session, wherein the network element determines whether a creation of an Internet-protocol-connectivity-access network bearer creates a dedicated session; and transmitting policy and/or charging control rules, different from the default policy and/or charging control rules, only if the network element determines that the creation of the internet-protocol-connectivity-access network bearer creates a dedicated session.
 25. The method according to claim 24, wherein the sending comprises sending information whether a dedicated session is to be created for a session to the network element carrying out the policy and charging enforcement function.
 26. The method according to claim 25, wherein the sending comprises sending the information with the default policy and/or charging control rules.
 27. The method according to claim 24, wherein the sending comprises sending an unsolicited push procedure to the network element carrying out the policy and charging enforcement function in order to receive special policy and charging control rules and/or to initiate a dedicated session. 